Subject: Proposal for a REGULATION OF THE EUROPEAN

9005/21 XT/mg 1

JAI.2 LIMITE EN

Council of the European Union

Brussels, 28 May 2021 (OR. en) 9005/21 LIMITE ECODEX 8 EJUSTICE 55 JUSTCIV 90 JAI 579 COPEN 238 DROIPEN 101 IXIM 93 DATAPROTECT 135 CSC 205

Interinstitutional File: 2020/0345(COD)

NOTE

From: General Secretariat of the Council

To: Permanent Representatives Committee/Council

No. prev. doc.: 8339/1/21 REV 1

No. Cion doc.: 13709/20

Subject: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on a computerised system for communication in cross-border civil and criminal proceedings (e-CODEX system), and amending Regulation (EU) 2018/1726

- Preparation for a general approach

I. INTRODUCTION

1. On 2 December 2020, the Commission presented a proposal for a Regulation of the European

Parliament and of the Council on a computerised system for communication in cross-border

civil and criminal proceedings (e-CODEX system), and amending Regulation (EU)

2018/1726, based on Articles 81(2) and 82(1) of the Treaty on the Functioning of the

European Union.

9005/21 XT/mg 2

JAI.2 LIMITE EN

2. Ensuring an effective access of citizens and businesses to justice and facilitating judicial

cooperation in civil and criminal matters between the Member States are among the main

objectives of the European Union’s Area of Freedom, Security and Justice enshrined in Title

V of the Treaty.

3. Information technology tools play a key role in accomplishing this goal. It is thus important

that appropriate channels are developed to ensure that justice systems can efficiently

cooperate in a digital way. Therefore, it is essential to establish, at Union level, a tool to

promote the digitalisation of communications between Member States in the context of cross-

border judicial cooperation in civil and criminal matters.

4. There are tools which have been developed for the digital exchange of case related data,

without replacing or requiring costly modifications to the existing back-end systems already

established in the Member States. The e-Justice Communication via On-line Data Exchange

(e-CODEX system), which allows swift, direct, interoperable, reliable and secure cross-border

electronic exchange of case related data, is the main such tool developed to date.

5. The e-CODEX system is a tool specifically designed to facilitate the cross-border electronic

exchange of any content transmissible in electronic form in the justice area. In the context of

increased digitalisation of judicial cooperation in civil and criminal matters, the aim of the

e-CODEX system is to improve the efficiency of cross-border communication between the

competent authorities and facilitate access to justice of citizens and businesses.

9005/21 XT/mg 3

JAI.2 LIMITE EN

6. Without laying down rules on the mandatory use of the e-CODEX system, the proposed

Regulation aims to ensure a sustainable legal framework for the system by handing over its

management to the European Union Agency for the operational management of large-scale IT

systems in the area of freedom, security and justice (eu-LISA), established by Regulation

(EU) 2018/1726 of the European Parliament and of the Council. Such legal framework clearly

defines and frames the components of the system and lays down rules regarding its

functioning and development in order to guarantee its long-term sustainability.

7. The proposal sets out the process of transferring the e-CODEX system from a consortium of

Member States – which is currently managing the e-CODEX system with funding from Union

programmes – to eu-LISA, as well as the work processes, once said transfer is in effect. In

order to guarantee the uninterrupted operation and maintenance of the system, the handover of

e-CODEX to eu-LISA should take place in the first half of 2023.

8. The Portuguese Presidency has included this file among its legislative priorities. To that

effect, the ad-hoc Working Party on the e-CODEX Regulation, which started its deliberations

in February, worked at an intensive pace.

II. MAIN ELEMENTS OF THE COMPROMISE

9. Considering the substantial progress made in the discussions of the ad-hoc Working Party, the

Presidency is of the opinion that a general approach can be achieved on the text of the

proposed Regulation.

9005/21 XT/mg 4

JAI.2 LIMITE EN

10. eu-LISA’s governance structure allows for the involvement of Member States in the

management of the system through participation in the Agency's Management Board,

Advisory Groups and Programme Management Boards. Nevertheless, in view of concerns

expressed by Member States and various stakeholders, the Presidency text has introduced

guarantees for the independence of the judiciary as regards the functioning of the e-CODEX

system, by expressly providing for oversight of the system by the Programme Management

Board. Complementing Member States' supervision, this body should ensure that all measures

taken by eu-LISA regarding the e-CODEX system, either technical or organisational,

guarantee, in particular, the independence of the judiciary.

11. Furthermore, it has been clarified that stakeholders and experts, including members of the

judiciary, legal practitioners and professional organisations which are affected by, use or

participate in the e-CODEX system, are to be involved in eu-LISA’s work.

12. In addition to the rules regarding the responsibilities of eu-LISA, the Commission, the

Member States and the entities operating authorised e-CODEX access points, the compromise

text also includes more details on the governance of the e-CODEX system, detailing the

duties of the various bodies involved, notably the Advisory Group and Programme

Management Board, both of which are permanent in nature.

13. Since it is crucial to ensure that the electronic exchange of data via the e-CODEX system

occurs in a secure and trusted manner, it has been clarified that the minimum technical

specifications and standards, to be established by means of implementing acts, should set the

security operating standards, namely in what regards to the connector.

9005/21 XT/mg 5

JAI.2 LIMITE EN

III. CONCLUSION

14. The adoption of the e-CODEX Regulation proposal is time-sensitive, as implementing acts

will have to be drafted and adopted before the actual transfer and eu-LISA will need to secure

resources and staffing for the e-CODEX system. This process could take several months, as

the expertise needed is specific and rigorous screening is required, in order to ascertain the

suitability of candidates.

15. Therefore, the timely adoption of a General Approach is of particular importance.

16. The proposed compromise text covers the whole of the Regulation, including recitals and

annex.

17. The Permanent Representatives Committee is therefore invited:

a) to approve the compromise package presented by the Presidency as set out in the Annex

below; and

b) to invite the Council to approve the general approach.

9005/21 XT/mg 6

ANNEX JAI.2 LIMITE EN

ANNEX

2020/0345 (COD)

Proposal for a

REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

on a computerised system for the electronic exchange of data [...] in the context of cross-

border civil and criminal matters [...] (e-CODEX system), and amending Regulation (EU)

2018/1726

(Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article

81(2) and Article 82(1) thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national parliaments,

Having regard to the opinion of the European Economic and Social Committee1,

Acting in accordance with the ordinary legislative procedure,

1 OJ C , , p. .

9005/21 XT/mg 7


Whereas:

(1) Ensuring an effective access of citizens and businesses to justice and facilitating judicial

cooperation in civil and criminal matters between the Member States are among the main

objectives of the EU’s Area of Freedom, Security and Justice enshrined in Title V of the

Treaty.

(2) It is thus important that appropriate channels are developed to ensure that justice systems

can efficiently cooperate in a digital way. Therefore, it is essential to establish, at Union

level, an information technology instrument that allows swift, direct, interoperable, reliable

and secure cross-border electronic exchange of case related data. [...]

(3) There are tools which have been developed for the digital exchange of case related data,

without replacing or requiring costly modifications to the existing back-end systems already

established in the Member States. The e-Justice Communication via On-line Data Exchange

(e-CODEX) system is the main such tool developed to date.

(4) The e-CODEX system is a tool specifically designed to facilitate the cross-border electronic

exchange of messages in the justice area. In the context of increased digitalisation of

proceedings in civil and criminal matters, the aim of the e-CODEX system is to improve the

efficiency of cross-border communication between the competent authorities and facilitate

access to justice of citizens and businesses. It has been managed up to date by a consortium

of Member States and organisations with funding from Union programmes

(4a) This Regulation concerns electronic exchange of data in the context of cross-border

judicial cooperation in civil and criminal matters. Judicial cooperation in civil and

criminal matters and the respective competences of judicial or other authorities should

be understood in accordance with the Union legal acts and the case law of the Court of

Justice of the European Union.

9005/21 XT/mg 8


(4b) For the purposes of this Regulation, electronic exchange of data includes any content

transmissible in electronic form by means of the e-CODEX system, such as text or

sound, visual or audiovisual recording, in the form of either structured or

unstructured data, files or metadata.

(4c) Whereas the use of electronic exchange of data may be governed by Union legal acts,

this Regulation does not contain rules on the mandatory use of the e-CODEX system.

Similarly, nothing in this Regulation should prevent Member States from developing

and maintaining pilot use cases. Those pilot use cases should not be understood in the

meaning of pilot projects governed by Article 15 of Regulation (EU) 2018/1726. In such

cases, it is up to participating Member States to decide whether to proceed in

accordance with Article 7(1) of this Regulation. The Advisory Group may be involved

in the development of new digital procedural standards.

(4d) The e-CODEX system should be viewed as the preferred solution for an interoperable,

secure and decentralised communication network between national IT systems in

cross-border judicial cooperation in civil and criminal matters.

(5) The e-CODEX system consists of two software elements: a [...] gateway [...] for the

exchange of messages with other gateways and a [...] connector [...], which provides a

number of functionalities related to the transmission of messages between national systems.

Currently, the gateway is based on the eDelivery building block maintained by the

Commission, while the [...] management of the connector is carried out by a consortium of

Member States and organisations with funding from Union Programmes (the entity

managing the e-CODEX system). The connector software provides functions such as

verification of electronic signatures via a security library and proof of delivery. In addition,

the entity managing the e-CODEX system has developed data schemas [...] for digital

forms to be used in the specific civil and criminal procedures for which it has piloted the

e-CODEX system.

9005/21 XT/mg 9


(5a) The e-CODEX system provides an interoperable solution for the Justice sector to

connect the IT systems of the competent national authorities, such as the judiciary, or

other organisations.

(5b) The European Interoperability Framework (EIF (COM/2017/0134 FINAL)) is a

commonly agreed approach to the delivery of European public services in an

interoperable manner of which the e-CODEX system should be a specific

implementation for the justice domain. For the purpose of this Regulation the term

interoperable takes into account the EIF.

(6) Given the importance of the e-CODEX system for cross-border exchanges in the justice area

in the Union, there should be a sustainable Union legal framework establishing the

e-CODEX system and providing rules regarding its functioning and development. Such

legal framework should clearly define and frame the components of the e-CODEX system in

order to guarantee its technical sustainability. The system should define the IT components

of an access point, which should consist of a gateway for the purpose of secure

communication with other identified gateways and a connector for the purpose of supporting

the message exchanges. It should also include digital procedural standards consisting of the

business process models and data schemas [...] defining the electronic format of the data

exchanged [...] in the context of those procedures to support the use of e-CODEX access

points for legal procedures provided for by legal acts adopted in the area of judicial

cooperation in civil and criminal matters and to enable the exchange of information

between the access points. [...]

(6a) Given that semantic interoperability should be a contributing factor to achieve the

objective of this Regulation of a standardised and meaningful interaction between two

or more parties, particular consideration should be attributed to the EU e-Justice Core

Vocabulary.

9005/21 XT/mg 10


(7) Since it is necessary to ensure the long term sustainability of the e-CODEX system and its

governance while taking into account the independence of the national judiciaries, an

appropriate entity for the [...] management of the system should be designated.

(8) The most appropriate entity for the [...] management of the system is an agency, since its

governance structure allows for the involvement of Member States in the [...] management

of the system through participation in the Agency's Management Board, Advisory Groups

and Programme Management Boards. The European Union Agency for the operational

management of large-scale IT systems in the area of freedom, security and justice (eu-LISA)

established by Regulation (EU) 2018/1726 of the European Parliament and of the Council2

has relevant experience in managing large-scale IT Systems. eu-LISA should therefore be

entrusted with the [...] management of the e-CODEX system. It is also necessary to adjust

the existing governance structure of eu-LISA by adapting the responsibilities of its

Management Board and by establishing an e-CODEX Advisory Group. Regulation (EU)

2018/1726 should therefore be amended accordingly. A specific Programme Management

Board should also be established.

(9) According to Article 19 of Regulation (EU) 2018/1726 the role of the Management Board of

eu-LISA is to ensure that all decisions and actions of the Agency affecting large-scale IT

systems in the area of freedom, security and justice respect the principle of independence of

the judiciary. The governance structure of the Agency and financing scheme further

guarantee the respect of that principle. It is also important to involve the legal professions,

other experts and stakeholders in the governance of the e-CODEX system through the

Advisory Group and the Programme Management Board.

2 Regulation (EU) 2018/1726 of the European Parliament and of the Council of 14 November

2018 on the European Union Agency for the Operational Management of Large-Scale IT

Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation

(EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No

1077/2011 (OJ L 295, 21.11.2018, p. 99)

9005/21 XT/mg 11


(10) Given eu-LISA's priority tasks of developing and managing the Entry/Exit System (EES),

the European Travel Information and Authorisation System (ETIAS), the European Criminal

Records Information System for Third Country Nationals (ECRIS-TCN), the revised

Schengen Information System (SIS), the Visa Information System (VIS) and Eurodac, as

well as the strategic task to establish a framework for interoperability between EU

information systems, eu-LISA should not take over the responsibility for the e-CODEX

system earlier than on 1 July 2023.

(11) The e-CODEX system can be used in cross-border civil and criminal matters [...].

Although the e-CODEX system [...] could also be used in other situations [...], this

Regulation only applies to the cross-border exchange of data between connected

systems via authorised e-CODEX access points, in accordance with the corresponding

digital procedural standards.

(12) eu-LISA should have responsibility for the components of the e-CODEX system, except for

the [...] management of the [...] gateway software, since that software is currently provided

on a cross-sectoral basis within the eDelivery building block by the Commission. eu-LISA

should take over full responsibility for the [...] management of the [...] connector software

and the digital procedural standards from the entity managing the e-CODEX system until

the handover. Given that the [...] gateway and the [...] connector are integral components of

e-CODEX, eu-LISA should assure compatibility of the connector with the latest version of

the gateway. To that end, the Commission should include eu-LISA in the relevant

governance body of the eDelivery building block from the moment of the entry into force of

this Regulation.

9005/21 XT/mg 12


(13) In order to ensure uniform conditions for the implementation of this Regulation,

implementing powers should be conferred on the Commission. Those powers should be

exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and

of the Council3. The implementing acts adopted in that framework should establish the

minimum technical specifications and standards, including on security and methods for

integrity and authenticity verification, underpinning the components of the e-CODEX

system; establish the service level requirements for the activities carried out by eu-LISA and

other necessary technical specifications for these activities; and establish the specific

arrangements [...] of the handover/takeover process. Implementing acts could also establish

the technical arrangements supporting the use of the e-CODEX system in the procedures in

the area of judicial cooperation in civil and criminal matters.

(13a) The connector should be able to technically support all types of electronic seals and

electronic signatures as provided for in Regulation (EU) No 910/2014. The

establishment of minimum technical specifications and standards should set the

security operating standards, namely in what regards to the connector. The security

requirements on the functioning of the connector should take into account security

standards for information security and existing European legislation, such as

Regulation (EU) No 910/2014, Regulation (EU) 2016/679, Directive (EU) 2016/680 and

Regulation (EU) 2018/1725.

3 Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16

February 2011 laying down the rules and general principles concerning mechanisms for

control by Member States of the Commission's exercise of implementing powers

(OJ L 55, 28.2.2011, p. 13).

9005/21 XT/mg 13


(13b) E-CODEX Correspondents should be entitled to [...] receive technical support under

this Regulation. The service level requirements for the activities to be carried out by

eu-LISA could address the matter of the number of e-CODEX correspondents in

Member States and in the Commission, either by providing for a limited number of

correspondents or service levels which vary according to the number of requests for

support.

(14) eu-LISA's specific responsibilities in relation to the [...] management of the e-CODEX

system should be laid down.

(14a) The tasks of eu-LISA include the addition of new features. One of such new features

could be a feature in the connector allowing for the retrieval of relevant statistical data

regarding the number of technical messages sent and received through each authorised

e-CODEX access point.

(15) The Member States should maintain a list of authorised e-CODEX access points needed for

the connected systems [...] within their territory, and communicate them to eu-LISA in

order to enable the interaction between them in the context of the relevant procedures. The

Commission should maintain a similar list of authorised e-CODEX access points operated

by the Union institutions, bodies and agencies for the same reason. The entities operating

eCODEX [...] access points at national level may be public authorities, organisations

representing legal practitioners or private companies. Bearing in mind the decentralised

nature of the e-CODEX system, while eu-LISA should ensure the [...] management of the

e-CODEX system, the responsibility for setting up and operating the authorised e-CODEX

access points should lie exclusively with the entities operating the relevant access points. On

the basis of the applicable law, the entities operating the authorised e-CODEX access point

should bear the responsibility for any damage resulting from the operation of the authorised

e-CODEX access point.

9005/21 XT/mg 14


(15a) Member States should supervise their authorised e-CODEX access points, in particular

when they are operated by entities that are not part of the public administration.

(16) [...] A mechanism should be put in place to monitor [...] the impact[...] of instruments that

enable the transmission of electronic data in the context of cross-border civil and criminal

matters [...] in the Union. [...] The entities operating authorised e-CODEX access points

should therefore be able to systematically collect and maintain comprehensive data on its

[...] use [...]. This should not only alleviate the work of the Member States in collecting the

relevant data and ensure mutual accountability and transparency, but also significantly

facilitate the ex-post monitoring of the legal acts adopted in the area of civil and criminal

cooperation by the Commission. The collected information should only encompass

aggregated data and should not constitute personal data.

(16a) When providing technical support to e-CODEX correspondents in relation with the e-

CODEX system, eu-LISA should act as a single point of contact, including for the

gateway.

[...](17)eu-LISA should maintain a high level of security when carrying out its tasks. When

undertaking further technical evolutions of software, eu-LISA should implement the

principles of security by design and data protection by design and by default, in accordance

with Regulation (EU) 2018/1725. The entities operating the authorised e-CODEX access

point should bear the responsibility for the security of the data transmitted via their access

points.

(18) Classified information, as set out in Article 2 of the Agreement between the Member

States of the European Union, meeting within the Council, regarding the protection of

classified information exchanged in the interests of the European Union (OJ C 202,

8 July 2011, p.13), should not be transmitted via e-CODEX, unless the relevant rules

are fulfilled. [...]

9005/21 XT/mg 15


(19) In order to allow eu-LISA to prepare the takeover adequately, the entity managing the e-

CODEX system should prepare by 31 December 2022 a handover document setting out the

detailed arrangements for the transfer of the e-CODEX system, including the criteria for a

successful handover process and its completion, in accordance with implementing acts

adopted by the Commission pursuant to this Regulation. The handover document should

cover the components of the e-CODEX system including the gateway, the connector and the

digital procedural standards, as well as the relevant supporting software products,

documentation and related assets [...]. The Commission should monitor the

handover/takeover process in order to ensure its compliance with the implementing acts and

the handover document, and the takeover should only take place once the Commission has

declared that the process has been successfully completed, after consulting the entity

managing the e-CODEX system until the handover. After submitting the handover

document and until the successful handover of the e-CODEX system to eu-LISA, the entity

managing the e-CODEX system should not perform changes to the system or deliver any

new software release beyond what is necessary to ensure its corrective maintenance

[...].

(20) The handover should also ensure that any intellectual property rights or usage rights relating

to the e-CODEX system and the relevant supporting products are transferred so as to enable

eu-LISA to carry out its responsibilities under this Regulation. However, for the main

software components of the system, a contractual transfer should not be needed, as the [...]

software is open source and covered by the European Union Public Licence (EUPL).

9005/21 XT/mg 16


(21) In order for the Commission to be able to evaluate the e-CODEX system on a regular basis,

eu-LISA should report to the Commission every two years on the technical evolution and

the technical functioning of the e-CODEX system. In order to feed into that report, Member

States should provide eu-LISA with the relevant information concerning the access points

needed for the connected systems [...] in their territory and the Commission should provide

similar information concerning the access points operated by Union institutions, bodies and

agencies.

(21a) The e-CODEX Advisory Group should provide eu-LISA with the necessary expertise

related to the e-CODEX system, in particular by promoting the exchange of

experiences and best practices, including in relation to pilot use cases not falling under

the scope of this Regulation.

(21b) The procedure for the development of new use cases within eu-LISA pursuant to this

Regulation is without prejudice to further evolution of the European e-Justice Strategy

and Action Plan4 fostering the development of such cases which should be considered

by eu-LISA.

(21c) The term of office of the members of the Programme Management Board and their

alternates is renewable, but due consideration should be given to the representation of

different Member States on the Programme Management Board, which is to be

promoted whenever possible so as to ensure participation of all Member States over

time.

(21d) In fulfilment of its duties, the Programme Management Board should ensure [...] that

all measures taken by eu-LISA regarding the e-CODEX system, either technical (for

instance, concerning infrastructure, data management and data separation) or

organisational (for instance, concerning key personnel and other human resources),

are in accordance with the guarantees of independence of the judiciary.

4 OJ C 96, 13.3.2019, p. 3.

9005/21 XT/mg 17


(21e) The commitment of resources to the operation of the e-CODEX system in accordance

with this Regulation should be understood as preventing eu-LISA from defunding or

taking resources away from the e-CODEX system for the benefit of other projects.

(21f) As regards the costs incurred in the performance of tasks laid down by this Regulation,

nothing in the Regulation will prevent Member States from applying for funding for

their national e-CODEX implementation from EU financing programmes.

(21g) Insofar as permitted by national legislation, nothing in this Regulation prevents the

submission of information to eu-LISA in an automated way, in particular the

notifications provided for under Article 14.

(22) This Regulation does [...] not provide any specific legal basis for processing personal data.

Any processing of personal data performed in the framework of this Regulation should be in

accordance with the applicable data protection rules. Regulation (EU) 2016/679 of the

European Parliament and the Council5 and Directive (EU) 2016/680 of the European

Parliament and the Council6, apply to the processing of personal data carried out by

e-CODEX access points, operated by authorised e-CODEX access points which are

established within the territory of the Member States according to this Regulation.

5 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016

on the protection of natural persons with regard to the processing of personal data and on the

free movement of such data, and repealing Directive 95/46/EC (General Data Protection

Regulation) (OJ L 119, 4.5.2016, p. 1). 6 Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on

the protection of natural persons with regard to the processing of personal data by competent

authorities for the purposes of the prevention, investigation, detection or prosecution of

criminal offences or the execution of criminal penalties, and on the free movement of such

data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016,

p. 89).

9005/21 XT/mg 18


(23) Regulation (EU) 2018/1725 of the European Parliament and of the Council7 applies to the

processing of personal data carried out by Union institutions, bodies, offices and agencies in

the context of this Regulation.

(23a) This Regulation respects the fundamental rights and observes the principles recognised

in the Charter of Fundamental Rights of the European Union. In particular, this

Regulation seeks to promote the application of the Charter, and of Article 47 thereof,

concerning the right to an effective remedy and to a fair trial.

(23b) Since the objectives of this Regulation to establish the e-CODEX system at EU level,

and to entrust the eu-LISA Agency with the system’s management cannot be

sufficiently achieved by the Member States and can rather, by reason of the scale and

effects of this Regulation, be better achieved at Union level, the Union may adopt

measures, in accordance with the principle of subsidiarity as set out in Article 5 of the

Treaty on European Union. This Regulation is directly applicable in all Member States

and binding in its entirety. It therefore guarantees a uniform application of the rules

across the EU and their entry into force at the same time. It offers legal certainty by

avoiding divergent interpretations in the Member States, thus preventing legal

fragmentation. In accordance with the principle of proportionality as set out in that

Article, this Regulation does not go beyond what is necessary to achieve that objective.

(24) In accordance with Articles 1 and 2 of Protocol No 22 on the position of Denmark, annexed

to the Treaty on European Union and to the Treaty on the Functioning of the European

Union, Denmark is not taking part in the adoption of this Regulation and is not bound by it

or subject to its application.

7 Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October

2018 on the protection of natural persons with regard to the processing of personal data by

the Union institutions, bodies, offices and agencies and on the free movement of such data,

and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (Text with EEA

relevance.) (OJ L 295, 21.11.2018, p. 39).

9005/21 XT/mg 19


(25) In accordance with Articles 1, 2 and 4a(1) of Protocol No 21 on the position of the United

Kingdom and Ireland in respect of the area of freedom, security and justice, annexed to the

Treaty on European Union and to the Treaty on the Functioning of the European Union, and

without prejudice to Article 4 of that Protocol, Ireland is not taking part in the adoption of

this Regulation and is not bound by it or subject to its application.

[...]

(27) The European Data Protection Supervisor was consulted and delivered an opinion on …8,

8 OJ ...

9005/21 XT/mg 20


HAVE ADOPTED THIS REGULATION:

CHAPTER 1

General Provisions

Article 1

Subject matter

This Regulation establishes the legal framework for the e-CODEX system […].

It lays down rules on the following:

(a) the definition, […] composition, functions and management of the e-CODEX system;

(b) the responsibilities […] of the […] European Agency for the operational management of

large-scale IT systems in the area of freedom, security and justice (eu-LISA) regarding

the e-CODEX system;

(c) the responsibilities of the Commission, Member States and the entities operating

authorised e-CODEX access points.

Article 2

Scope

This Regulation shall apply to the electronic exchange of data […] in the context of cross-border

judicial cooperation in […] civil and criminal matters […]by means of the e-CODEX system in

accordance with the legal acts adopted in that […] area […].

9005/21 XT/mg 21


Article 3

Definitions

For the purpose of this Regulation, the following definitions shall apply:

(a) ‘e-CODEX system’ (e-Justice Communication via Online Data Exchange in the area

of justice) means a decentralised and interoperable system for cross-border

communication for the purpose of facilitating electronic exchange of data in a secure

and trusted manner in the area of justice;

(b) ‘e-CODEX access point’ means the […] software packages installed on a hardware

infrastructure, able to transmit and receive information to and from other e-CODEX

access points in a secure and trusted manner;

(c […]) ‘authorised e-CODEX access point’ means an e-CODEX access point authorised by a

Member State or the Commission which has been notified to eu-LISA in accordance

with Article 5(4) or Article 7(1) and which is operating a digital procedural standard as

referred to in (h) [...];

(d […]) ‘entity operating an authorised e-CODEX access point’ means a European Union

institution, body, office or agency, [...] or a national public authority or legal person which

is operating an authorised e-CODEX access point;

(e [...]) ‘connected system’ means an IT system which is connected to an e-CODEX access point

for the purpose of exchanging data [...] with other connected systems [...];

(f […] ) ‘central testing platform’ means an e-CODEX system component [...] used exclusively for

testing, that provides a set of functions which can be used by entities operating authorised

e-CODEX access points to verify the correct operation of their access points and the

correct use of the e-CODEX digital procedural standards in the connected systems

associated [...] to those [...] access points;

9005/21 XT/mg 22


[...]

(g […] ) ‘business process model’ means a graphical and textual representation of a conceptual

model of several related, structured activities or tasks, along with the relevant data models,

and the sequence in which the activities or tasks have to be performed, in order to achieve

a standardised and meaningful interaction between two or more parties;

(h) ‘digital procedural standard’ means the technical specifications on business process

models as referred to in (g) and the data schemas based on the EU e-Justice Core

Vocabulary defining the electronic structure of the data exchanged in the context of

the e-CODEX system;

(i) ‘e-CODEX correspondent’ means a person, designated by a Member State or the

Commission, who can receive assistance from eu-LISA concerning all the e-CODEX

system components in accordance with Article 6(3).

[…]

CHAPTER 2

Composition, functions and responsibilities in relation to the e-

CODEX system

Article 4

Composition of the e-CODEX system

1. The e-CODEX system shall be composed of an e-CODEX access point, [...] digital

procedural standards and the supporting software products, documentation and related

assets, listed in Annex I [...].

9005/21 XT/mg 23


2. The e-CODEX access point shall be composed of:

(a) a gateway consisting of a software, based on a common set of protocols, enabling the

secure exchange of information over a telecommunications network with other

gateways using the same common set of protocols;

(b) a connector, making it possible to link connected systems to the gateway referred to

in point (a), and consisting of a software, based on a common set of open protocols,

enabling the following:

(i) structuring, logging and linking of messages;

(ii) the verification of their integrity and authenticity;

(iii) the creation of time-linked evidences of receipt for the exchanged messages.

[…]

Article 5

Responsibilities of the Commission

1. By 31 December 2022 the Commission shall establish, by means of implementing acts:

(a) the minimum technical specifications and standards, including on security and

methods for integrity and authenticity verification [...], underpinning the

components of the e-CODEX system referred to in Article 4;

(b) the service level requirements for the activities to be carried out by eu-LISA in

accordance with Article 6 as well as other necessary technical specifications for

those activities.

(c) the specific arrangements of the handover/takeover process referred to in Article 9.

9005/21 XT/mg 24


2. [...] The Commission may adopt […] , by means of implementing acts, [...]the digital

procedural standards defined in Article 3(h), unless the adoption of such standards is

foreseen in other Union legal acts in the area of cross-border judicial cooperation in

civil and criminal matters. [...].

3. The implementing acts referred to in paragraphs 1 and 2 shall be adopted in accordance

with the examination procedure referred to in Article 17(2).

4. The Commission shall maintain a list of authorised e-CODEX access points which are

operated by Union institutions, bodies, offices and agencies, and the digital procedural

standards [...] which each access point is authorised to apply. It shall notify the changes to

eu-LISA without delay, [...].

5. The Commission shall designate […] e-CODEX correspondents. Only those e-CODEX

correspondents shall be entitled to [...] receive technical support referred to in

Article 6(1 […] )(f) [...] in relation to the e-CODEX system operated by Union institutions,

bodies, offices and agencies, under the terms defined in the implementing act pursuant

to paragraph 1 (b) of the present article.

Article 6

Responsibilities of eu-LISA

1. eu-LISA shall be responsible for […] the components of the e-CODEX system referred to

in Article[...] 4[...] with the exception of the gateway [...] and, in particular, for the

following tasks :

[...]

9005/21 XT/mg 25


(a) development, maintenance, [...] bug fixes and updates, including on security [...]

and distribution to the entities operating authorised e-CODEX access points of the

software products and related assets […];

(b) addition of new features, published as new software versions, in order to

respond to emerging requirements, namely those laid down by the

implementing acts referred to in Article 5(2) or by the e-CODEX Advisory

Group;

(c [...])preparation [...], maintenance, update and distribution [...] to the entities

operating authorised e-CODEX access points of the [...] documentation relating to

the components of the e-CODEX system, [...] its supporting software products and

the related assets [...];

(d [...])development, maintenance, update and distribution to the entities operating

authorised e-CODEX access points of a configuration file containing an exhaustive

list of authorised e-CODEX access points, including the digital procedural

standards that [...] each of those [...] access points is authorised to apply;

[...]

(e) support and coordination of testing activities, including connectivity, involving the

authorised e-CODEX access points;

(f) technical support for the e-CODEX correspondents in relation to the e-CODEX

system;

[...]

9005/21 XT/mg 26


(g [...]) publication on the eu-LISA website of a list of the authorised e-CODEX access

points, which have been notified to eu-LISA, and the digital procedural standards

that [...] each of those [...] access points is authorised to apply;

(h [...]) respond to requests for technical advice and support from the Commission services

in the context of the preparation of the implementing acts provided for in

Article 5(2);

(i [...]) identification, assessment and preparation […] of new digital procedural

standards [...], including by organising and facilitating workshops with the

e-CODEX correspondents.

(j) development, deployment, maintenance, update and distribution to the entities

operating authorised e-CODEX access points of the digital procedural

standards and of the EU e-Justice Core Vocabulary on which they are based;

(k) development, maintenance, and update of the EU e-Justice Core Vocabulary on

which the digital procedural standards are based;

(l [...]) development and distribution [...] of security operating standards, as provided

for in Article 10;

(m [...]) provision of training on the technical use of the e-CODEX system in

accordance with Regulation (EU) 2018/1726, including provision of online

training materials.

2 [...]. eu-LISA shall be responsible for the following additional tasks:

(a) provision, operation and maintenance in eu-LISA's technical sites of the hardware

and software IT infrastructure necessary for carrying out its tasks;

(b) provision, operation and maintenance of a central testing platform;

9005/21 XT/mg 27


(c) informing the general public through the Internet about e-CODEX, by means of a set

of large-scale communication channels, such as websites or social media platforms;

(d) preparation, update and online distribution of non-technical information relating to

the e-CODEX system and the activities carried out by eu-LISA.

3 [...]. For the purposes of paragraph 1(f), eu-LISA shall make resources available on an on-

call basis during business hours to provide e-CODEX correspondents with a single point

of contact for technical support, including for the gateway [...].

[…].

Article 7

Responsibilities of the Member States

1. Member States shall authorise e-CODEX access points [...] needed for the connected

systems in their territory in accordance with the applicable national and Union law

and shall maintain a list of those [...] access points [...] as well as of the digital

procedural standards [...] which each access point is authorised to apply. Member States

shall not operate their authorised access points in Third Countries and they shall

supervise [...] their authorised e-CODEX access points, ensuring that the conditions

under which authorisation was granted are continuously met, and notify the changes

to eu-LISA without delay[...].

2. [...] Member States shall designate […] e-CODEX correspondents. Only those

correspondents shall be entitled to [...] receive the technical support referred to in

Article 6(1 [...])(f) in accordance with [...] the terms defined in the implementing act

pursuant to Article 5(1)(b).

9005/21 XT/mg 28


Article 8

Responsibilities of entities operating authorised e-CODEX access points

1. The entity operating an authorised e-CODEX access point shall be responsible for its

secure set-up and operation. This responsibility shall include the necessary adaptations to

the connector referred to in Article 4(2)(b) to make it compatible with any connected

systems [...].

2. The entity operating an authorised e-CODEX access point shall provide to the Member

State which has authorised the access point the [...] statistical data […] defined in [...]

Article 14 (1) and (2) (a […]) and in [...] the relevant provisions of the legal Union acts

adopted [...] in the area of judicial cooperation in civil and criminal matters [...].

3. The responsibility [...] for any damage resulting from the operation of an authorised

e-CODEX access point and any connected systems shall be borne, on the basis of the

applicable law, by the entity operating that authorised e-CODEX access point.

Article 9

Handover and takeover

1. The entity managing the e-CODEX system until the handover [...] shall, by

31 December 2022 at the latest, submit a common handover document to eu-LISA

specifying the detailed arrangements for the transfer of the e-CODEX system, including

the criteria for a successful handover process and completion and related documentation,

as established by the implementing acts adopted pursuant to Article 5(1)(c). [...] The

handover document [...] shall also include provisions on intellectual property rights or

usage rights relating to the e-CODEX system and the supporting software products,

documentation and related assets, listed in Annex I [...] enabling eu-LISA to carry out its

responsibilities in accordance with Article 6.

9005/21 XT/mg 29


2. [...] Within a period of six months after the delivery of the handover document referred to

in paragraph 1 a handover/takeover process shall take place between the entity managing

the e-CODEX system and eu-LISA. During that period, the entity managing the e-CODEX

system until the handover shall retain full responsibility for it [...] and shall ensure that no

changes to the system are performed or any new release is delivered other than for

the purpose of carrying out corrective maintenance of the system [...].

3. The Commission shall monitor the handover/takeover process in order to ensure that the

detailed arrangements of the process are correctly implemented by the entity managing the

e-CODEX system until the handover and eu-LISA, on the basis of the criteria referred to

in paragraph 1.

4. eu-LISA shall take over responsibility for the e-CODEX system not earlier than on

1 July 2023. The handover will take place at the date when the Commission declares

[...] the successful completion of the handover/takeover process referred to in paragraph 2,

after consulting the entity managing the e-CODEX system until the handover and

eu-LISA, [...].

9005/21 XT/mg 30


Article 10

Security

1. After the successful takeover of the e-CODEX system, eu-LISA shall be responsible for

maintaining a high level of security when carrying out its tasks, including the security of

the hardware and software IT infrastructure referred to in Article 6(2 [...]). In particular,

eu-LISA shall ensure that an e-CODEX security plan is established and maintained and

that the e-CODEX system is operated according to this security plan, taking into account

the classification of the information processed in e-CODEX and eu-LISA information

security rules. Such a plan shall provide for regular security inspections and audits

including software security assessments of the e-CODEX system with the participation of

the entities operating an e-CODEX access point.

2. When carrying out its responsibilities, eu-LISA shall implement the principles of security

by design and data protection by design and by default. [...]

3. The entity operating an authorised e-CODEX access point shall have the exclusive

responsibility for its secure set-up and operation taking into consideration the

technical standards set out under Article 5(1)(a), as well as those laid down in

paragraph 5 of this Article [...].

4. It shall without delay notify any security incident [...] to eu-LISA and to the Member State

that maintains the list of authorised e-CODEX access points where that access point is

listed, or, in the case of an access point operated by a Union institution, body, office or

agency, to the Commission.

5. Following the detection of any vulnerabilities or security incidents by eu-LISA or the

notification of security incidents provided for in paragraph 4, eu-LISA shall analyse

the security incident and inform without delay the entities operating authorised

e-CODEX access points impacted by it and the Advisory Group

9005/21 XT/mg 31


6. eu-LISA shall develop security rules and guidance regarding e-CODEX access points. The

entity operating an authorised e-CODEX access point shall provide eu-LISA with

statements proving its compliance with the security rules […] of e-CODEX access points.

Those statements shall be updated on a yearly basis, or whenever a change is otherwise

required.

Article 11

e-CODEX Advisory Group

1. As from 1 January 2023, the e-CODEX Advisory Group established pursuant to Article

27(dc) of Regulation (EU) 2018/1726 shall provide eu-LISA with the necessary expertise

related to the e-CODEX system, in particular in the context of preparation of its annual

work programme and its annual activity report. The Advisory Group may set up sub-

groups for the purpose of examining specific matters, including supporting specific

digital procedural standards. [...]

2. The Advisory Group shall, in particular [...]:

(a) follow up on the state of implementation in the Member States;

(b) identify, assess and prepare new digital procedural standards;

(c) promote knowledge sharing;

(d) monitor eu-LISA's compliance with the service level requirements set out in the

implementing act adopted pursuant to [...] Article 5(1)(b);

[...]

(e [...])provide an opinion on a draft version of the report provided for in Article 15.

9005/21 XT/mg 32


3. During the handover/takeover process the e-CODEX Advisory Group shall meet regularly,

at least every second month, until the takeover process is successfully completed, and at

least every six months thereafter [...].

4 [...]. The e-CODEX Advisory Group shall report after each meeting to the Programme

Management Board. It shall provide the technical expertise to support the tasks of the

Programme Management Board [...].

5 [...]. The e-CODEX Advisory Group shall involve stakeholders and experts in its work,

including members of the judiciary, legal practitioners[...]and professional

organisations, which are affected by, use or participate [...] in [...] the e-CODEX

system [...].

Article 12

Programme Management Board

1. By 1 January 2023, the Management Board of eu-LISA shall establish a permanent [...]

e-CODEX Programme Management Board [...]. It shall advise the Management Board

of eu-LISA on the long-term sustainability of the e-CODEX system, in particular [...]

with regard to the prioritisation of activities and other strategic commitments, ensure

the adequate management of the system and monitor the guarantees of the

independence of the judiciary, prompting preventive or corrective action, where

necessary. The Programme Management Board has no mandate to represent the

members of the Management Board.

9005/21 XT/mg 33


2. The Programme Management Board shall be composed of ten members: the Chair of the

Advisory Group, referred to in Article 11, eight members appointed by the Management

Board, [...] and one member appointed by the Commission. Each member shall have an

alternate. The Management Board shall ensure that the members of the Programme

Management Board and their alternates [...] have the necessary experience and

expertise regarding the performance of their tasks [...].

3. The term of office of the members and their alternates shall be four […] years and

shall [...] be renewable.

4 [...]. eu-LISA shall participate in the work of the Programme Management Board. To that end,

representatives of eu-LISA shall attend the meetings of the Programme Management

Board in order to report on work regarding the e-CODEX system and on any other related

work and activities.

5 [...]. The Programme Management Board shall meet at least once every six [...] months, and

more often when necessary. [...]. The Programme Management Board shall submit written

reports regularly and if possible every sixth [...] month to the Management Board of eu-

LISA on the progress of the system [...]. [...]

6 [...]. The Programme Management Board shall establish its rules of procedure which shall

include in particular rules on:

(a) choice of the chairperson and of the deputy chairperson and their term of office;

(b) meeting venues;

(c) preparation of meetings;

9005/21 XT/mg 34


(d) admission of stakeholders and experts [...] to the meetings, including members of

the judiciary, legal practitioners, [...]and professional organisations which are

affected by, use or participate [...] in [...] the e-CODEX system [...];

(e) communication plans ensuring that non-participating members of the Management

Board are kept fully informed.

7 [...]. [...] Article 21(1) of Regulation (EU) 2018/1726 shall apply mutatis mutandis as

regards the chairperson and the deputy chairperson of the Programme Management

Board. [...]

8 [...]. All travel and subsistence expenses incurred by the members of the Programme

Management Board shall be paid by eu-LISA. Article 10 of the eu-LISA Rules of

Procedure shall apply mutatis mutandis.

9 [...]. The Programme Management Board's secretariat shall be ensured by eu-LISA.

[…]

Article 13a

Independence of the judiciary

1. When carrying out the responsibilities provided for in this Regulation, all entities

shall ensure that their decisions and actions respect the principle of independence of

the judiciary.

9005/21 XT/mg 35


2. For this purpose, eu-LISA shall commit the resources provided to it for the e-CODEX

system in their entirety to its operation under the present regulation, and ensure the

involvement of justice representatives in the management of the e-CODEX system,

pursuant to Articles 11 and 12.

Article 14

Notifications

1. By 31 January of every year after the successful takeover of the e-CODEX system by eu-

LISA, Member States shall notify eu-LISA of the following information:

[…]

(a [...]) the number of technical messages sent and received through [...] each authorised

e-CODEX access point needed for the connected systems [...] within their territory,

grouped by corresponding authorised e-CODEX access point and digital procedural

standard [...], unless an equivalent [...] notification procedure applies under

other [...] Union legal acts;

(b [...]) the number and type of incidents encountered by entities operating authorised e-

CODEX access points needed for the connected systems within the territory of the

Member State and impacting the security of the e-CODEX system, unless an

equivalent [...] notification procedure applies under [...] other [...] Union legal

acts.

2. By 31 January of every year after the successful takeover of the e-CODEX system by

eu-LISA, the Commission shall notify eu-LISA of the following information:

[…]

9005/21 XT/mg 36


(a [...]) the number of technical messages sent and received through [...] each authorised

e-CODEX access point operated by Union institutions, bodies, offices and agencies,

grouped by corresponding authorised e-CODEX access point and digital procedural

standard [...], unless an equivalent [...] notification procedure applies under [...]

other [...] Union legal acts;

(b [...]) the number and type of incidents encountered by entities operating authorised

e-CODEX access points that are operated by Union institutions, bodies, offices and

agencies and impacting the security of the e-CODEX system, unless an equivalent

[...] notification procedure applies under [...] other [...] Union legal acts.

3. The notifications under paragraphs (1) and (2) shall confirm whether the list of

authorised e-CODEX access points and the list of the digital procedural standards

which they are authorised to apply remain up-to-date.

Article 15

Monitoring and reporting

1. For the first time two years after it takes over responsibility for the e-CODEX system, and

every two years thereafter, eu-LISA shall [...] submit a report to the Commission on the

technical functioning and use of the e-CODEX system, including the security of the

system.

2. eu-LISA shall consolidate the data received from the Commission and the Member States

pursuant to Articles 5(4), 7(1) and 14 and provide the following indicators as part of the

report provided for in paragraph 1:

(a) the list and number of digital procedural standards [...] for which the e-CODEX

system has been used during the reporting period;

9005/21 XT/mg 37


(b) the number of authorised e-CODEX access points for each Member State and for

each digital procedural standard [...];

[...]

(c [...]) the number of technical messages sent through the system for each digital

procedural standard [...] between each of the authorised e-CODEX access points;

(d [...]) the number and type of incidents impacting the security of the e-CODEX system

and compliance information with the e-CODEX security plan.

3. For the first time, three years after eu-LISA takes over responsibility for the e-CODEX

system, and every four years thereafter, the Commission shall produce an overall

evaluation of the e-CODEX system. That overall evaluation shall include an assessment of

the application of this Regulation and an examination of results achieved against

objectives, and may propose possible future actions. At the time of the first evaluation, the

Commission shall also reexamine the role of the Programme Management Board[...]. The

Commission shall transmit the evaluation report to the European Parliament and the

Council.

Article 16

Amendments to Regulation (EU) 2018/1726

Regulation (EU) 2018/1726 is amended as follows:

(1) in Article 1, the following paragraph 4a is inserted:

“4a. The Agency shall be responsible for the development, operational management,

including technical evolutions, of the computerised system for the electronic

exchange of data [...] in the context of cross-border judicial cooperation in civil

and criminal matters [...] (e-CODEX system.)”;

(2) the following Article 8b is inserted:

9005/21 XT/mg 38


“Article 8b

Tasks related to the e-CODEX system

In relation to the e-CODEX system, the Agency shall perform:[...]

(a) the tasks conferred on it by Regulation (EU) No XXX/20XX of the European

Parliament and of the Council*;

(b) tasks relating to training on the technical use of the e-CODEX system, including

provision of online training materials.

__________

* on a computerised system for the electronic exchange of data [...] in the context of

cross-border civil and criminal matters [...] (e-CODEX system), and amending Regulation

(EU) 2018/1726 (OJ L …).”;

(3) in Article 14, paragraph 1 is replaced by the following:

“1. The Agency shall monitor developments in research relevant for the operational

management of SIS II, VIS, Eurodac, the EES, ETIAS, DubliNet, ECRIS-TCN,

e-CODEX and other large-scale IT systems as referred to in Article 1(5).”

(4) in Article 19, paragraph 1 is amended as follows:

(a) point (ff) is replaced by the following:

“(ff) adopt reports on the technical functioning of the following:

(i) SIS pursuant to Article 60(7) of Regulation (EU) 2018/1861 of the European

Parliament and of the Council* and Article 74(8) of Regulation (EU)

2018/1862 of the European Parliament and of the Council**;

9005/21 XT/mg 39


(ii) VIS pursuant to Article 50(3) of Regulation (EC) No 767/2008 and

Article 17(3) of Decision 2008/633/JHA;

(iii) EES pursuant to Article 72(4) of Regulation (EU) 2017/2226;

(iv) ETIAS pursuant to Article 92(4) of Regulation (EU) 2018/1240;

(v) ECRIS-TCN and of the ECRIS reference implementation pursuant to

Article 36(8) of Regulation (EU) 2019/816 of the European Parliament and of

the Council***;

(vi) the interoperability components pursuant to Article 78(3) of Regulation (EU)

2019/817 and Article 74(3) of Regulation (EU) 2019/818;

(vii) the e-CODEX system pursuant to Article 15 [...] of Regulation (EU) XXX of

20XX [this Regulation]

__________

* Regulation (EU) 2018/1861 of the European Parliament and of the Council of

28 November 2018 on the establishment, operation and use of the Schengen

Information System (SIS) in the field of border checks, and amending the Convention

implementing the Schengen Agreement, and amending and repealing Regulation (EC)

No 1987/2006 (OJ L 312, 7.12.2018, p. 14).

** Regulation (EU) 2018/1862 of the European Parliament and of the Council of

28 November 2018 on the establishment, operation and use of the Schengen

Information System (SIS) in the field of police cooperation and judicial cooperation in

criminal matters, amending and repealing Council Decision 2007/533/JHA, and

repealing Regulation (EC) No 1986/2006 of the European Parliament and of the Council

and Commission Decision 2010/261/EU. (OJ L 312, 7.12.2018, p. 56).

9005/21 XT/mg 40


*** Regulation (EU) 2019/816 of the European Parliament and of the Council of

17 April 2019 establishing a centralised system for the identification of Member States

holding conviction information on third-country nationals and stateless persons

(ECRIS-TCN) to supplement the European Criminal Records Information System and

amending Regulation (EU) 2018/1726 (OJ L 135, 22.5.2019, p. 1).” ;

(b) point (mm) is replaced by the following:

“(mm) ensure annual publication of the following:

(i) the list of competent authorities authorised to search directly the data contained

in SIS pursuant to Article 41(8) of Regulation (EU) 2018/1861 and

Article 56(7) of Regulation (EU) 2018/1862, together with the list of Offices of

the national systems of SIS (N.SIS) and SIRENE Bureaux pursuant to Article

7(3) of Regulation (EU) 2018/1861 and Article 7(3) of Regulation (EU)

2018/1862 respectively;

(ii) the list of competent authorities pursuant to Article 65(2) of Regulation

(EU) 2017/2226;

(iii) the list of competent authorities pursuant to Article 87(2) of Regulation

(EU) 2018/1240;

(iv) the list of central authorities pursuant to Article 34(2) of Regulation

(EU) 2019/816;

9005/21 XT/mg 41


(v) the list of authorities pursuant to Article 71(1) of Regulation (EU) 2019/817

and Article 67(1) of Regulation (EU) 2019/818;

(vi) the list of authorised e-CODEX access points pursuant to

Article 6(1 [...])(g [...]) of Regulation (EU) XXX of 20XX [on the e-CODEX

system – this Regulation];”;

(5) in Article 27(1), the following point (dc) is inserted:

“(dc) e-CODEX Advisory Group;”.

9005/21 XT/mg 42


CHAPTER 3

Final provisions

Article 17

Committee procedure

1. The Commission shall be assisted by a committee. That committee shall be a committee

within the meaning of Regulation (EU) No 182/2011.

2. Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall

apply.

Article 18

Costs

1. The costs incurred in the performance of the tasks referred to in Article 6 shall be borne by

the general budget of the European Union.

2. The costs for the tasks referred to in Article 7 and Article 8 shall be borne by the Member

States or [...] the entities operating authorised e-CODEX access points [...].

9005/21 XT/mg 43


Article 19

Entry into force

This Regulation shall enter into force on the twentieth day following that of its publication in the

Official Journal of the European Union.

This Regulation shall be binding in its entirety and directly applicable in the Member States in

accordance with the Treaties.

Done at Brussels,

For the European Parliament For the Council

The President The President

9005/21 XT/mg 44

ANNEX I JAI.2 LIMITE EN

ANNEX I1

[…]

Software products, documentation and related [...] assets to be handed over to eu-LISA under

Article 9

(1) Central Testing Platform (software product that provides a set of functions which can be used

to verify the correct operation of e-CODEX access points and the correct use of the e-CODEX

digital procedural standards in the connected systems linked to these)

(2) Configuration Management Tool (software product used to assist in the performance of the

task defined in Article 6 (1 […]) (d […])

(3) Metadata Workbench (software product used to assist in the performance of parts of the tasks

defined in Article 6)

(4) EU e-Justice Core Vocabulary (asset for reusable semantical terms and definitions used

to ensure data consistency and data quality over time and across use-cases)

(5) Architecture documentation (documentation [...] used to provide technical and

informative knowledge to stakeholders on the choice of standards to which other assets

of the e-CODEX system [...] must comply)

1 The original Annex I in the initial proposal has been deleted. The current Annex I

corresponds to Annex II of the initial proposal with amendments included.

Documents

Subject: Proposal for a REGULATION OF THE EUROPEAN